
Convert DatabaseBlock and AbstractBlock to UserIdentity, and make them cross-wiki aware.
Open, High, Public

Description

Problem: CentralAuthUser calls DatabaseBlock::insert, passing a DB connection to another wiki. The User instance inside DatabaseBlock does not know about that DB, and may load data from the local DB, causing confusion. This was the root cause of T260485, which has a workaround in place.

Solution: DatabaseBlock and AbstractBlock should always use a string as the target and a UserIdentity (or Authority?) as the blocker. They should never create User instances.

NOTE: DatabaseBlock and AbstractBlock are designed to support "foreign" users (which are local actors referring to users on another wiki, using a prefixed user name). They do not properly support cross-wiki user instances.
NOTE: getBlocker() should return a UserIdentity instead of a User. This is a breaking change, but there is only one usage outside core, in the RegexBlock extension, which is trivial to fix.
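
A simplified model of the problem and the proposed solution, added here as an illustration. It is not MediaWiki or CentralAuth code; every class, function and wiki name and every user ID in it is constructed.

```php
<?php
// Simplified model, not MediaWiki code: all names and IDs are hypothetical. Needs PHP 8.1+.
// Each "wiki" has its own user table (name => id) and its own block table.
$wikis = [
    'localwiki'   => ['users' => ['Alice' => 9, 'Mallory' => 4], 'blocks' => []],
    'foreignwiki' => ['users' => ['Alice' => 3, 'Mallory' => 9], 'blocks' => []],
];

// Stands in for the User instance in the task: it resolves its ID lazily,
// and always from the local wiki, whatever DB the caller is writing to.
final class LazyUser {
    public function __construct(private string $name) {}
    public function getId(array $wikis): int {
        return $wikis['localwiki']['users'][$this->name];
    }
}

// Plain value object: the ID and the wiki it belongs to are fixed at construction.
final class Identity {
    public function __construct(
        public readonly int $id,
        public readonly string $name,
        public readonly string $wikiId
    ) {}
}

// Before: the target DB is a parameter, but the blocker looks itself up elsewhere.
function insertBlockLazy(array &$wikis, string $dbWiki, string $target, LazyUser $by): void {
    $wikis[$dbWiki]['blocks'][] = ['target' => $target, 'by_id' => $by->getId($wikis)];
}

// After: string target, value-object blocker, and a check that it matches the target DB.
function insertBlockChecked(array &$wikis, string $dbWiki, string $target, Identity $by): void {
    if ($by->wikiId !== $dbWiki) {
        throw new InvalidArgumentException("blocker belongs to {$by->wikiId}, not $dbWiki");
    }
    $wikis[$dbWiki]['blocks'][] = ['target' => $target, 'by_id' => $by->id];
}

// Alice (ID 9 locally, ID 3 on foreignwiki) places two blocks on foreignwiki.
insertBlockLazy($wikis, 'foreignwiki', 'Target1', new LazyUser('Alice'));
insertBlockChecked($wikis, 'foreignwiki', 'Target2', new Identity(3, 'Alice', 'foreignwiki'));

// Read the rows back the way foreignwiki would: by its own user table.
$nameById = array_flip($wikis['foreignwiki']['users']);
foreach ($wikis['foreignwiki']['blocks'] as $row) {
    $who = $nameById[$row['by_id']] ?? '(no such user)';
    echo "{$row['target']} blocked by id {$row['by_id']} = $who\n";
}
```

In this model the first row is attributed to whoever holds the local ID on the foreign wiki, while the second row records the intended blocker and a mismatched identity is rejected before anything is written.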

Event Timeline

daniel triaged this task as High priority. Feb 15 2021, 8:05 PM
daniel updated the task description.

See also T266409 for other blocking-related code (there might be a need to change all of these together, although I haven't really investigated).

FYI: Both parent tasks I just added will be resolved together with this one; T284873 will only need T281972#7090252 to be reverted (currently deployed as a secpatch).